by Jasmine Chennikara-Varghese
More organizations are moving to the Zero Trust Security model as a way to overcome the challenges of typical perimeter security. As the boundaries of the corporate cyber landscape blur, securing the perimeter becomes more difficult. There are no longer corporate data centers containing the network of business systems. Applications are now both on premise or migrated to the cloud and users are accessing these applications worldwide from a variety of endpoint devices.
Organizations have also relied on network segmentation to separate trusted internal network traffic from the untrusted external traffic. However, the perimeters of those network segments can potentially be breached by internal users who are less trustworthy than expected or have been compromised by external threat actors. The most serious data breaches occurred because once the external attacker gained a foothold inside the corporate network — through a system vulnerability, compromised credentials or a gap in the firewall – they became an internal user, able to access internal systems with minimal effort.
The Zero Trust Security model assumes that untrusted users exist on both sides of the perimeter. With the Zero Trust approach, there is no automatic trusting of anything inside the corporate landscape or outside its boundaries. Any device or user trying to connect to internal business systems must be verified before access is granted. To achieve this, organizations leverage technologies such as multi-factor authentication, IAM, network access control and encryption. Zero Trust also calls for governance policies that realize a least-privilege approach so users are granted the right amount of access explicitly or through job roles to accomplish a specific task.
Another key element of the Zero Trust approach is to log and inspect all traffic and activity, not just those originating externally. There will always be privileged users who have access to sensitive data in the system, making those user accounts potential conduits for data tampering and data leakage. As a result, continuous monitoring and analysis of user activities is required. The Greenlight Application Security Monitoring (ASM) solution offers near-real-time application and user activity monitoring. ASM enables security teams to monitor privileged account usage as well as detect false user accounts and unusual user activity.
Click here to earn how Greenlight ASM provides application visibility and integrates with your Zero Trust paradigm.